Reminder - our Debian archive GPG key has changed and the old key will stop being used to sign our archives in about a week's time, due to its expiry. Please ensure you've updated using the instructions below.
=== The GPG key used to sign our Debian/Ubuntu archives at deb.theforeman.org is being updated and all such users should install the new GPG key. In short, this can be done by running: curl https://deb.theforeman.org/pubkey.gpg | sudo apt-key add - As of 2016-04-08, both the existing and new key are being used to sign our archives until around 2016-06-30, when the old one expires. If you'd like to verify the key, more information is below: Key ID: 0x563278F6 Fingerprint: AE0A F310 E2EA 96B6 B6F4 BD72 6F86 00B9 5632 78F6 Name: Foreman Automatic Signing Key (2016) <[email protected]> The public key on the keyserver has signatures from myself (key ID 0x2C2B72CC) and the existing 2014 key (key ID 0x1AA043B8), and this e-mail is also signed by me. To verify the new key using the old key, you can run something like: 1. apt-key export 1AA043B8 | gpg --import 2. curl https://deb.theforeman.org/pubkey.gpg | gpg --import 3. gpg --check-sigs 563278F6 4. verify that "sig!" is listed next to 1AA043B8, the 2014 key. "sig-" indicates a bad signature. 5. gpg --export 563278F6 | sudo apt-key add - It is also listed on our website at https://theforeman.org/security.html and at https://deb.theforeman.org/pubkey.gpg Please reply to foreman-users if you have any questions. -- Dominic Cleal [email protected] -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
